Pulse in the Press: Release of private data

NHS already handing out private data on thousands of patients: Details given to universities, hospitals and watchdogs without checking for consent.

From March the NHS will begin taking personal information from patients’ GP records to pass on to researchers and private firms

There are fears the information could fall into the hands of hackers

Critics also claim information could be used to push up insurance premiums

But it has emerged the NHS is already handing out patients’ personal data

The NHS is already handing out personal data about tens of thousands of patients including their names and addresses at a rate of nearly once a week, it emerged yesterday.

Health bosses are routinely providing details to university researchers, watchdogs, hospitals and other governments without seeking patients’ consent.

In March, the NHS will begin a controversial project which involves extracting personal information from patients’ GP records and passing them on to researchers and private firms.

Officials say it will provide a wealth of information to help improve care and develop new cures but there are fears it will fall into the hands of hackers and insurance firms who could use it to hike up premiums.

But it has now emerged that the NHS is already passing on personal information about tens of thousands of patients without their knowledge to universities, hospitals, watchdogs and other governments.

An investigation by Pulse magazine (please keep) found that since April, officials have handed over information on 31 occasions – nearly once a week.

The records were from tens of thousands of hospital patients undergoing tests or treatment for cancer, heart disease or fractures which is already routinely collated and stored on an NHS database.

And controversially the information passed on included patients’ names, addresses – as well as their illnesses and dates of birth.

NHS officials have insisted that when the project gets underway this Spring, most data will be available on an anonymous basis – with patients given random names.

This will minimise the risk that patients names’ and details of their highly personal complaints and illnesses will end up online or in research papers.

But revelations that data with patients’ names on is already being handed out so frequently – before the project even gets underway – has fuelled further privacy concerns.

On another, the Royal College of Obstetricians and Gynecologists were given information about thousands of women giving birth at NHS hospitals just so they could create a maternity database.

In order to get patients’ names and addresses, organisations have to make a special application to an NHS body called the Confidentiality Advisory Group, and this is then approved by the Health Secretary.
Researchers or private firms may need patients names and addresses to contact them for further information.

But on most occasions the NHS only plans to release data that won’t identify patients – it will only include their NHS number, date of birth and a false name.

Nonetheless campaigners say it will be easy enough for researchers or private firms to find out who patients are from this information alone.

An NHS England spokesman said: ‘NHS England and the Health and Social Care Information Centre (HSCIC) welcome the increase in public awareness and debate about NHS data usage following the nationwide distribution of the leaflet “Better Information means Better Care”.

‘It is vital, however, that this debate is based on facts, and that the complexities of how we handle different types of data are properly understood.’